Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE8B0285B4A11F0BE65F79EDAE4EC9C.roa
File: BFE8B0285B4A11F0BE65F79EDAE4EC9C.roa (raw, json)
Hash identifier: YnyMCWGZKlwkPHVYMX68LqcwTqZC/Tkukkjh6TNE/qA=
Subject key identifier: 67:F0:4C:84:B3:5F:93:DA:2A:9C:7F:2E:66:2D:A7:3D:9B:25:C1:D9
Certificate issuer: /CN=F368F2D0AF/serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Certificate serial: 018C2A
Authority key identifier: 25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
Authority info access: rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE8B0285B4A11F0BE65F79EDAE4EC9C.roa
Signing time: Mon 07 Jul 2025 15:55:06 +0000
ROA not before: Mon 07 Jul 2025 15:55:00 +0000
ROA not after: Sat 16 Aug 2025 15:55:00 +0000
asID: 142032
IP address blocks: 154.222.16.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.mft
rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Tue 22 Jul 2025 00:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101418 (0x18c2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AF, serialNumber=25D63E08EABE7CFA6785D4C1D6D34116DE15B3DC
Validity
Not Before: Jul 7 15:55:00 2025 GMT
Not After : Aug 16 15:55:00 2025 GMT
Subject: CN=686bedda-5bf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d5:84:a9:64:e6:62:b0:7a:f5:86:7c:a9:6a:
69:47:e8:de:6f:45:44:05:cb:db:33:46:83:b6:4f:
b6:4e:7f:bb:04:36:c8:e6:9f:1d:4a:ff:76:7d:4f:
6f:14:60:48:f3:28:e2:c5:57:5b:da:82:29:9b:87:
60:81:bf:86:96:29:47:03:9b:90:5b:27:ca:57:b0:
e9:d5:c4:a0:4c:b9:75:98:02:42:c4:11:70:76:02:
94:96:69:2b:f6:d7:53:32:c8:bc:81:9d:bd:2d:2b:
d7:40:10:8e:19:15:bd:05:1a:2b:f1:76:04:73:fb:
59:50:12:b2:07:53:43:3d:bd:53:7e:ff:67:93:f3:
40:4f:8f:f9:3e:08:20:6c:51:e8:ce:6a:e6:40:40:
a8:ed:1c:74:d1:ec:bc:c5:ef:2c:6a:ed:c7:ee:ad:
d9:56:54:da:81:23:bf:e7:c6:d5:d1:bf:3e:9d:04:
5f:6c:46:f7:46:16:fa:ad:e5:ef:9f:c4:f7:af:87:
5e:78:46:96:3a:d9:6e:e4:19:cf:23:c5:32:70:78:
0b:02:05:c0:d3:3c:1c:2c:a6:d8:1a:96:e9:ab:d8:
23:c9:9d:5e:7d:87:92:60:5b:90:34:03:e0:fd:72:
58:40:91:fc:25:d2:30:62:b7:a6:41:fe:3f:6d:0b:
86:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:F0:4C:84:B3:5F:93:DA:2A:9C:7F:2E:66:2D:A7:3D:9B:25:C1:D9
X509v3 Authority Key Identifier:
keyid:25:D6:3E:08:EA:BE:7C:FA:67:85:D4:C1:D6:D3:41:16:DE:15:B3:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/JdY-COq-fPpnhdTB1tNBFt4Vs9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/JdY-COq-fPpnhdTB1tNBFt4Vs9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/7F4A98EA6E0511E89C0D6E4BF8AEA228/BFE8B0285B4A11F0BE65F79EDAE4EC9C.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
154.222.16.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:36:e6:60:ac:c0:26:9a:11:9c:b0:79:91:05:fb:40:1a:92:
f9:5f:a2:c9:6f:b2:74:b7:46:3a:b4:c0:ff:9e:8b:66:f7:3d:
44:79:43:4a:6e:d4:e1:be:0f:f7:da:3e:3f:f7:74:19:f6:df:
58:80:e3:9e:af:84:3f:42:9d:d5:59:70:04:58:6b:2d:9e:b5:
f3:28:4e:7b:76:a3:bc:4a:c2:c6:f7:cf:9b:8b:d8:2a:8c:24:
38:53:7a:64:c6:3b:bd:98:2d:dc:3a:56:5c:b2:c9:ef:6e:0d:
49:92:77:47:88:5c:e5:ca:5a:a4:41:a4:b6:47:bf:70:86:4a:
d6:0b:92:ab:a2:43:8b:16:5e:24:4d:8b:dc:b9:f0:2e:bf:f4:
0f:3f:36:7b:a2:b2:a1:73:ee:36:ae:f2:c8:7f:a0:31:54:1a:
bd:7f:a0:9d:7e:41:ba:61:88:c0:cd:5f:81:32:cf:df:d1:49:
58:51:c7:8d:8a:2d:2f:75:b7:46:2a:76:ec:4c:47:e3:e5:56:
ab:0a:a6:65:5a:16:bf:30:5d:36:8f:9f:8c:b0:df:2c:d8:b2:
2a:ed:16:0f:9d:12:b3:db:c1:96:ff:fc:01:76:a7:1c:72:21:
09:5b:d5:e3:2c:42:49:34:5d:61:0d:02:77:3e:1d:af:9b:57:
82:8e:46:49
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAYwqMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQUYxMTAvBgNVBAUTKDI1RDYzRTA4RUFCRTdDRkE2Nzg1RDRDMUQ2RDM0
MTE2REUxNUIzREMwHhcNMjUwNzA3MTU1NTAwWhcNMjUwODE2MTU1NTAwWjAYMRYw
FAYDVQQDEw02ODZiZWRkYS01YmY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvtWEqWTmYrB69YZ8qWppR+jeb0VEBcvbM0aDtk+2Tn+7BDbI5p8dSv92
fU9vFGBI8yjixVdb2oIpm4dggb+GlilHA5uQWyfKV7Dp1cSgTLl1mAJCxBFwdgKU
lmkr9tdTMsi8gZ29LSvXQBCOGRW9BRor8XYEc/tZUBKyB1NDPb1Tfv9nk/NAT4/5
PgggbFHozmrmQECo7Rx00ey8xe8sau3H7q3ZVlTagSO/58bV0b8+nQRfbEb3Rhb6
reXvn8T3r4deeEaWOtlu5BnPI8UycHgLAgXA0zwcLKbYGpbpq9gjyZ1efYeSYFuQ
NAPg/XJYQJH8JdIwYremQf4/bQuG7QIDAQABo4ICpTCCAqEwHQYDVR0OBBYEFGfw
TISzX5PaKpx/LmYtpz2bJcHZMB8GA1UdIwQYMBaAFCXWPgjqvnz6Z4XUwdbTQRbe
FbPcMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJGOEFFQTIyOC9KZFkt
Q09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY3JsMGcGCCsGAQUFBwEBBFswWTBXBggr
BgEFBQcwAoZLcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYWZy
aW5pYy9KZFktQ09xLWZQcG5oZFRCMXROQkZ0NFZzOXcuY2VyME8GA1UdIAEB/wRF
MEMwQQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmlu
aWMubmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYB
BQUHMAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1i
ZXJfcmVwb3NpdG9yeS9GMzY4RjJEMC83RjRBOThFQTZFMDUxMUU4OUMwRDZFNEJG
OEFFQTIyOC9CRkU4QjAyODVCNEExMUYwQkU2NUY3OUVEQUU0RUM5Qy5yb2EwNQYI
KwYBBQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24u
eG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEmt4QMA0GCSqGSIb3DQEB
CwUAA4IBAQChNuZgrMAmmhGcsHmRBftAGpL5X6LJb7J0t0Y6tMD/notm9z1EeUNK
btThvg/32j4/93QZ9t9YgOOer4Q/Qp3VWXAEWGstnrXzKE57dqO8SsLG98+bi9gq
jCQ4U3pkxju9mC3cOlZcssnvbg1JkndHiFzlylqkQaS2R79whkrWC5KrokOLFl4k
TYvcufAuv/QPPzZ7orKhc+42rvLIf6AxVBq9f6CdfkG6YYjAzV+BMs/f0UlYUceN
ii0vdbdGKnbsTEfj5VarCqZlWha/MF02j5+MsN8s2LIq7RYPnRKz28GW//wBdqcc
ciEJW9XjLEJJNF1hDQJ3Ph2vm1eCjkZJ
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:01:15 2025 by rpki-client